Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
578
Views
0
Helpful
1
Replies

VPN Client certificates from Microsoft CA

bruce
Level 1
Level 1

‎10-12-2007 03:17 PM - edited ‎02-21-2020 03:19 PM

Is there any way to use Microsft CA certificates that are enrolled via the MS CA web service and not the Cisco VPN Client? I find that these certificates are imported okay, but are always placed in the RA store where they cannot be selected for certificate authentication. If I create an enrollment request through the client and then submit that to the MS CA, the resulting certificate is imported correctly. Can someone educate me on what the VPN client is specifying in the enrollment request to create the accepted cert? Thanks!

Labels:
0 Helpful
1 Reply 1

jsivulka
Level 5
Level 5

‎10-18-2007 02:07 PM

Yes Cisco VPN client with Microsoft CA server certificate able to connect to VPN Concentrator. In order to resolve this issue, ensure that the time is configured properly on both the VPN Concentrator and the CA server. The use of Network Time Protocol (NTP) on both the VPN Conentrator and the CA server allows you to keep time in sync. Clocks in many devices tend to drift a few seconds per day. Exact time synchronization is important for systems on a network so that protocol timestamps and events are accurate. Digital certificates, for example, carry a timestamp that determines a time frame for their validity. An inaccurate time or date can prevent connection.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents